Mac OS X病毒：如何删除和防止Mac Protector恶意软件

Every Apple fanboy will tell you that Macs are safe from malware, but it’s just not true. Recently a fake AV program has been targeting and infecting OS X computers in the wild. Here’s a quick look at how it works, how to remove it, and also how to prevent it in the first place.

每个苹果迷都会告诉您，Mac可以抵御恶意软件的侵害，但事实并非如此。 最近，一个虚假的AV程序在野外瞄准并感染了OS X计算机。 快速浏览一下它的工作原理，如何删除它，以及首先如何防止它。

The virus in question is actually a fake antivirus and trojan which goes by a few different names. It may present itself as Apple Security Center, Apple Web Security, Mac Defender, Mac Protector, and possibly many other names.

有问题的病毒实际上是假冒的防病毒和特洛伊木马，名称不同。 它可能会以Apple安全中心，Apple Web Security，Mac Defender，Mac Protector以及可能的许多其他名称显示。

Note: we encountered this malware on a handful of user workstations at my day job, and then spent some time doing analysis of how it works. This is a real piece of malware, that’s really infecting people.

注意：在我的日常工作中，我们在少数用户工作站上遇到了该恶意软件，然后花了一些时间来分析其工作方式。 这是真正的恶意软件，确实感染了人们。

Mac Protector恶意软件感染的屏幕快照 (Screenshot Tour of a Mac Protector Malware Infection)

The infection comes about from a webpage redirect which will present the user with the following page, that makes it appear like a real Mac OS X popup dialog.

感染来自网页重定向，该网页重定向将向用户显示以下页面，使其看起来像真正的Mac OS X弹出对话框。

If the user clicks remove all they will immediately begin downloading a package which will install the virus.

如果用户单击“删除”，则他们将立即开始下载将安装病毒的软件包。

Once downloaded your computer will probably automatically begin installation. Luckily, for now, you still have to manu